Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          u5U0mqlu+bMlKP3T1SqURFlFwmBRB4xr5ECUG2CtdV8=
Subject key identifier:   54:1F:9D:1A:9E:2E:65:70:FF:B3:AB:C2:65:F3:40:EE:BC:FC:5C:B5
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       0198D54EC67888BE5D696BC8B8F3968800FF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0D18
Signing time:             Sat 23 Aug 2025 05:02:46 +0000
Manifest this update:     Sat 23 Aug 2025 05:02:46 +0000
Manifest next update:     Sun 24 Aug 2025 05:02:46 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: vzgq2TA0EIXwVnolGr2xVxwfiARKF0sKgGCz+WfsPlk=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Aug 2025 00:37:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:d5:4e:c6:78:88:be:5d:69:6b:c8:b8:f3:96:88:00:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Aug 23 05:02:46 2025 GMT
            Not After : Aug 24 05:02:46 2025 GMT
        Subject: CN=541f9d1a9e2e6570ffb3abc265f340eebcfc5cb5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:10:52:74:86:1a:e7:30:32:db:59:67:57:7f:
                    9d:e6:e7:0b:88:9d:3e:93:cd:a2:f7:13:3e:ea:f0:
                    a4:6a:cd:0a:3a:f5:40:e0:0f:69:08:33:33:e4:c4:
                    95:07:2c:3d:ce:cc:db:63:0b:6a:fa:78:56:1b:77:
                    7c:90:74:c8:57:69:4f:a8:b8:eb:6e:4c:ac:b2:b0:
                    76:e8:5f:9e:4d:60:0a:93:ea:d0:b7:95:97:52:f1:
                    1e:2e:a8:4f:cf:69:b5:9a:a7:e0:ee:eb:67:72:2b:
                    63:6e:20:a7:f0:de:16:39:95:92:9e:49:fe:6c:ec:
                    b3:27:9e:4a:f6:51:45:91:06:91:fd:82:51:b6:08:
                    3d:03:5f:50:8d:98:c3:d7:b1:c2:7e:81:58:df:e2:
                    b6:f3:a4:e1:27:6d:a6:0a:c9:05:64:61:d5:17:8c:
                    31:71:69:74:d9:78:42:d9:27:e8:61:2e:14:e6:b7:
                    8d:2b:0c:1a:98:46:1c:46:ca:24:29:63:fe:e5:ef:
                    d0:9b:0b:f2:37:91:20:47:8a:a7:b1:06:1b:91:f1:
                    9d:99:f1:a6:74:ca:32:4d:97:f2:f9:91:f6:f0:ae:
                    4b:38:08:fa:e6:3f:79:40:35:1a:b2:53:c4:ca:5a:
                    e6:25:91:bc:d8:35:ae:fc:27:f4:f2:a9:24:69:91:
                    35:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:1F:9D:1A:9E:2E:65:70:FF:B3:AB:C2:65:F3:40:EE:BC:FC:5C:B5
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:61:ea:ab:b9:cb:7d:e5:60:70:0a:c7:25:38:e2:9d:fa:2a:
         76:bc:20:74:67:53:a2:ae:03:12:a7:a1:fe:f7:46:fb:ca:e9:
         59:68:c3:f1:56:ef:02:35:2c:d0:64:47:f1:c3:d2:3d:98:b5:
         35:f4:bf:7f:db:8a:e5:44:19:4e:14:9e:b7:ee:92:1b:71:79:
         57:f1:3a:a3:dd:e3:f1:a6:cf:23:f3:21:7b:7e:8c:8e:12:f8:
         32:3e:1d:52:d6:03:fc:ee:15:5e:db:80:e9:5a:87:fd:29:6e:
         16:4b:e3:bd:3c:86:a4:c2:1e:0f:9b:bb:52:07:27:bb:15:c2:
         13:34:98:b9:ec:7e:af:bd:5b:c8:86:55:f6:39:d7:c4:ba:40:
         d8:62:15:b6:26:83:fd:b5:82:a9:05:cf:1f:88:d3:70:e4:38:
         89:63:30:32:4c:c4:76:34:4d:65:1d:14:25:85:c3:2a:27:d3:
         73:16:82:3c:5d:5f:72:cc:06:f2:4f:6a:53:f3:4d:57:cf:7d:
         eb:bc:75:ec:10:0f:d2:2a:c4:a2:7f:02:9b:e2:e3:16:bb:3d:
         bf:38:04:84:a8:80:0a:ca:4d:c3:84:15:0a:ef:6a:6b:c2:b7:
         ff:e1:87:93:c2:60:a5:b4:97:c8:82:4a:8d:81:19:4c:4d:f0:
         37:28:9c:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVTsZ4iL5daWvIuPOWiAD/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwODIzMDUwMjQ2WhcNMjUwODI0MDUwMjQ2WjAzMTEwLwYDVQQD
Eyg1NDFmOWQxYTllMmU2NTcwZmZiM2FiYzI2NWYzNDBlZWJjZmM1Y2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BBSdIYa5zAy21lnV3+d5ucLiJ0+
k82i9xM+6vCkas0KOvVA4A9pCDMz5MSVByw9zszbYwtq+nhWG3d8kHTIV2lPqLjr
bkyssrB26F+eTWAKk+rQt5WXUvEeLqhPz2m1mqfg7utncitjbiCn8N4WOZWSnkn+
bOyzJ55K9lFFkQaR/YJRtgg9A19QjZjD17HCfoFY3+K286ThJ22mCskFZGHVF4wx
cWl02XhC2SfoYS4U5reNKwwamEYcRsokKWP+5e/QmwvyN5EgR4qnsQYbkfGdmfGm
dMoyTZfy+ZH28K5LOAj65j95QDUaslPEylrmJZG82DWu/Cf08qkkaZE1SQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQfnRqeLmVw/7OrwmXzQO68/Fy1MB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIWHqq7nL
feVgcArHJTjinfoqdrwgdGdToq4DEqeh/vdG+8rpWWjD8VbvAjUs0GRH8cPSPZi1
NfS/f9uK5UQZThSet+6SG3F5V/E6o93j8abPI/Mhe36MjhL4Mj4dUtYD/O4VXtuA
6VqH/SluFkvjvTyGpMIeD5u7UgcnuxXCEzSYuex+r71byIZV9jnXxLpA2GIVtiaD
/bWCqQXPH4jTcOQ4iWMwMkzEdjRNZR0UJYXDKifTcxaCPF1fcswG8k9qU/NNV899
67x17BAP0irEon8Cm+LjFrs9vzgEhKiACspNw4QVCu9qa8K3/+GHk8JgpbSXyIJK
jYEZTE3wNyicxQ==
-----END CERTIFICATE-----